1705 matches found
CVE-2023-1017
CVE-2023-1017 describes an out-of-bounds write in TPM2.0/Module Library CryptParameterDecryption. A local attacker could crash the TPM or gain arbitrary code execution in the TPM context. Affected scope includes TPM2.0 implementations via libtpms in VM TPM support and TPM modules. Public details ...
CVE-2024-26229
CVE-2024-26229 is a Windows local privilege-escalation vulnerability in the CSC service (csc.sys) that can enable kernel R/W access via a vulnerable IOCTL, permitting DKOM-based token replacement to achieve SYSTEM-level LPE. Exploitation details in connected docs describe using kernel memory acce...
CVE-2026-21510
CVE-2026-21510 is a Windows Shell security feature bypass vulnerability (Protection Mechanism Failure) that can allow remote code execution by bypassing SmartScreen prompts and shell warnings. Affected component: Windows Shell (explorer.exe) and related UI elements. Exploitation requires social e...
CVE-2024-26161
CVE-2024-26161 affects the Microsoft WDAC OLE DB provider for SQL Server and is described as a Remote Code Execution vulnerability. The CVE entry lists a CVSS v3.1 base score of 8.8 (HIGH) with NETWORK attack vector, LOW attack complexity, and NONE privileges required, but user interaction is REQ...
CVE-2025-21189
CVE-2025-21189 is listed as MapUrlToZone Security Feature Bypass. Connected sources categorize its impact as circumvention of a security measure. Public technical detail in the provided documents is limited; no explicit root-cause, vulnerable product/version, or exploitation information is given....
CVE-2022-38028
CVE-2022-38028 is a Windows Print Spooler privilege-escalation vulnerability. It arises from improper privilege assignment in the Print Spooler service, enabling a local attacker with low privileges and no user interaction to escalate to SYSTEM. Public exploits have been observed; CISA/KEV and MS...
CVE-2017-0055
CVE-2017-0055 refers to a cross-site scripting (XSS) elevation-of-privilege vulnerability in Microsoft Internet Information Services (IIS). The issue affects IIS on multiple Windows platforms (Vista through Windows Server 2016) and allows a remote attacker to craft a request that can execute scri...
CVE-2025-21293
CVE-2025-21293 — Active Directory Domain Services Elevation of Privilege. The vulnerability affects Active Directory Domain Services and enables an attacker to obtain elevated privileges via network access, with a CVSS v3.1 base score of 8.8 (High) and impact on confidentiality, integrity, and av...
CVE-2025-21418
CVE-2025-21418 is a heap-based buffer overflow in the Windows Ancillary Function Driver for WinSock that enables local privilege escalation to SYSTEM. Affected: Windows components exposed to local attack surface; exploitability is local with low attack complexity and no user interaction. Public r...
CVE-2024-21407
CVE-2024-21407 is a Windows Hyper-V Remote Code Execution vulnerability tied to the Hyper-V component. Exploitation requires an authenticated attacker on a guest to send specially crafted file operation requests to hardware resources on the VM, which could lead to remote code execution on the hos...
CVE-2025-24054
CVE-2025-24054 is a Windows NTLM vulnerability allowing an attacker to induce NTLMv2-SSP hash disclosure by leveraging explorer.exe to fetch remote SMB resources via crafted file types (notably .library-ms and .lnk/.library-ms payloads). Public PoCs and exploits demonstrate creating malicious .li...
CVE-2024-38193
CVE-2024-38193 concerns the Windows Ancillary Function Driver for WinSock (AFD) used by Winsock. The vulnerability is a local privilege-escalation issue in the AFD/WinSock stack, with a resource-management error cited by CNNVD and a privilege-escalation capability described by CISA KEV. Public ex...
CVE-2026-47291
The CVE-2026-47291 entry describes an integer overflow/ wraparound in Windows HTTP.sys that enables a remote attacker to execute code over the network. Affected software component: Windows HTTP.sys. Root cause: integer overflow/wraparound in the HTTP.sys processing path. Impact: unauthenticated n...
CVE-2024-30040
CVE-2024-30040 is a Windows MSHTML Platform Security Feature Bypass vulnerability. The affected component is MSHTML (Windows), with a root cause described as a security feature bypass in the MSHTML engine. Impact per CVSS: CVSS 3.1 base score 8.8 (High) affecting confidentiality, integrity, and a...
CVE-2025-33065
CVE-2025-33065 is an information-disclosure vulnerability: an out-of-bounds read in Windows Storage Management Provider could allow an authorized attacker (local access, low privileges) to disclose information. CVSS v3.1 base metrics indicate Local access, Low attack complexity, Privileges requir...
CVE-2024-21408
Microsoft’s CVE-2024-21408 is a Windows Hyper-V Denial of Service vulnerability that can be triggered by a guest to cause a host crash. The available connected sources confirm Hyper-V as the affected product, the host compromise from a guest as the attack scenario, and a DoS impact. The CVSS vect...
CVE-2024-38213
CVE-2024-38213 is a Windows Mark of the Web (MoTW) security feature bypass vulnerability. Affected software involves Windows MoTW handling; the flaw allows downloaded web-origin files to bypass warnings/ protections, enabling potentially malicious content to execute. Exploitation information in c...
CVE-2026-21533
CVE-2026-21533 affects Windows Remote Desktop Services (RDS) and is caused by improper privilege management (CWE-269), allowing a local authenticated attacker with low privileges to elevate to SYSTEM. Multiple connected sources corroborate that the issue is a local EoP in RDS with CVSSv3 7.8 (HIG...
CVE-2024-38178
CVE-2024-38178 is a Microsoft Windows Scripting Engine memory corruption vulnerability that exists in Edge when running Internet Explorer mode. It enables remote code execution and is being actively exploited in the wild, with public pressure reflected in multiple advisories and exploit catalogs....
CVE-2025-24993
CVE-2025-24993 is a Windows NTFS heap-based buffer overflow that allows a locally authenticated attacker to execute arbitrary code. Affected component is NTFS on Windows; root cause is a heap-based overflow in NTFS handling. CVSS v3.1 indicates local attack vector, no privileges required, user in...
CVE-2025-24985
CVE-2025-24985 affects the Windows Fast FAT File System Driver and is caused by an integer overflow/wraparound, enabling local code execution. The vulnerability has seen exploitation in the wild (per Krebs/Microsoft Patch Tuesday coverage), and mitigation is to install the MSRC-released updates l...
CVE-2023-1018
CVE-2023-1018 is an out-of-bounds read in TPM 2.0’s Module Library (CryptParameterDecryption) that could allow a local attacker to read sensitive data stored in the TPM. Connected advisories confirm a local, authenticated access scenario and note TPM exposure on affected IBM Power firmware (Power...
CVE-2026-33824
CVE-2026-33824 is a Windows IKE Extension (ikeext) remote code execution vulnerability caused by a double-free in IKEEXT. ZDI notes it is wormable and affects systems with IKE enabled; exploitation can occur over UDP/500-4500 and may enable lateral movement from inside networks. Microsoft has iss...
CVE-2024-21438
Technical details for CVE-2024-21438 are not provided in the supplied documents. Monitor for updates from the connected sources to obtain affected product, root cause, impact, and remediation information.
CVE-2024-26207
CVE-2024-26207 is a Windows Remote Access Connection Manager information disclosure vulnerability. Affected component: Windows Remote Access Connection Manager (local attacker? per CVSS v3.1 shows LOCAL with low complexity and low privileges). Documented impact in the connected NCSC advisory (NCS...
CVE-2024-37976
CVE-2024-37976 is described as a Windows EFI Partition vulnerability: a security feature bypass (Circumvention of security measure) with CVSS 3.1 base score 6.7 (LOCAL, LOW attack complexity, HIGH privileges required, no user interaction). The connected data specifies affected component as Window...
CVE-2024-38106
CVE-2024-38106 is a Windows kernel local privilege escalation vulnerability. The Windows kernel race condition allows a local attacker with low privileges to gain SYSTEM-level access and execute code with high impact. Microsoft lists this CVE as being actively exploited in the wild. The advisory ...
CVE-2024-38217
CVE-2024-38217 is a security feature bypass in Microsoft Windows Mark of the Web (MOTW). The vulnerability allows bypassing MOTW protections when opening booby-trapped Office files, as discussed in multiple sources. Exploitation details are not fully disclosed in the provided documents, but the C...
CVE-2024-21437
CVE-2024-21437 is a Windows Graphics Component elevation-of-privilege vulnerability (local access, low attack complexity) affecting Windows OS. Public references corroborate it as a Windows Graphics Component issue discussed among Patch Tuesday updates, highlighting it among elevated-risk vulnera...
CVE-2024-30073
CVE-2024-30073 is a Windows Security Zone Mapping security feature bypass vulnerability. The public records show a CVSS v3.1 base score of 7.8 (High) with Local attack vector, low attack complexity, no privileges required, but user interaction required, and impact to confidentiality, integrity, a...
CVE-2023-36424
CVE-2023-36424 is documented as a Windows kernel-level out-of-bounds read vulnerability in the Common Log File System Driver (clfs.sys) that enables privilege escalation. Connected sources describe a pool overflow/record-validation flaw in clfs.sys (Windows Kernel pool management) exploited via c...
CVE-2025-21181
Technical details (affected products/versions, root cause, exploitability, fixes) for CVE-2025-21181 are not provided in the supplied documents. Please monitor official advisories for concrete technical information.
CVE-2024-21427
CVE-2024-21427 is a Windows Kerberos Security Feature Bypass vulnerability. The CVSSv3.1 base score is 7.5 (High): Vector AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H, indicating network exploitation with high impact to confidentiality, integrity, and availability. The attack vector is network, requiring ...
CVE-2025-24984
CVE-2025-24984 is an NTFS information-disclosure vulnerability in Windows NTFS caused by insertion of sensitive data into a log file, potentially leaking heap memory when a physical medium is mounted or accessed. CVSS v3.1 vector: AV=Physical/AC=L/PR=None/UI=None/S=Unchanged/C=High/I=None/A=None;...
CVE-2017-0214
CVE-2017-0213 is a Windows Privilege Escalation flaw in the COM Aggregate Marshaler. Reports confirm it enables local elevation of privilege when a specially crafted app is run, affecting Windows client and server SKUs listed in the CVE description. Several connected sources document exploitation...
CVE-2024-21372
Technical details for CVE-2024-21372 are not publicly available in the provided documents. The connected items only reference the CVE among broader Windows vulnerability listings; no affected product/version, root cause, impact, or fixes are stated.
CVE-2024-26166
Technical details about CVE-2024-26166 (affected software, root cause, impact, or fixes) are not provided in the connected documents. Please monitor for official advisories from Microsoft and CVE records for updates.
CVE-2024-38107
CVE-2024-38107 is a Windows Privilege Escalation vulnerability in the Power Dependency Coordinator. Affected component: Windows Power Dependency Coordinator. Impact: local attacker with low privileges can obtain SYSTEM privileges (vector: local, no user interaction). Root cause details are not pr...
CVE-2024-38118
Technical details (affected component, root cause, exploit info, patch status) for CVE-2024-38118 are not provided in the connected documents. The initial description notes LSA server information disclosure but lacks concrete specifics; monitor for updates.
CVE-2024-21433
Technical details for CVE-2024-21433 are not publicly available in the provided documents. No affected products, root cause, or remediation are specified here. Monitor for updates.
CVE-2025-24991
CVE-2025-24991 is an NTFS out-of-bounds read vulnerability in Windows that can disclose local information after mounting a malicious VHD. Exploitation requires local access and user interaction (per CVSS) or mounting a crafted disk image (per patch-cycle reporting). Microsoft has issued updates; ...
CVE-2024-26162
CVE-2024-26162 corresponds to a remote code execution vulnerability in the Microsoft ODBC Driver. The CVSS 3.1 base metrics indicate: Network attack vector, low attack complexity, no privileges required, user interaction is required, and there is a High impact to confidentiality, integrity, and a...
CVE-2024-49113
CVE-2024-49113 is a Windows LDAP Denial-of-Service vulnerability affecting the LDAP client. Public PoCs exist (e.g., LDAPNightmare) and show proof-of-concept testing integrated with Metasploit and other repositories; multiple exploit/checker projects also reference testing for this CVE. The descr...
CVE-2025-30397
CVE-2025-30397 is a memory-corruption/Use-After-Free style vulnerability in the Microsoft Scripting Engine (jscript.dll) that enables remote code execution via specially crafted web content. The CVE’s affected component is the JScript/Windows Scripting Engine, with an attack vector over the netwo...
CVE-2017-0025
Technical details such as affected products, vulnerable components, impact, and remediation for CVE-2017-0025 are not provided in the connected documents; no publicly disclosed specifics are included here. Monitor for updates.
CVE-2024-21370
Public technical details for CVE-2024-21370 are not provided in the connected documents; the OpenVAS entries enumerate the CVE across multiple Microsoft KBs without product/version specifics. Monitor for updates.
CVE-2024-26234
CVE-2024-26234 is a locally exploitable proxy driver spoofing vulnerability in Windows. The issue is tied to the Windows Proxy Driver, with exploitation requiring high privileges and no user interaction, leading to potential confidentiality, integrity, and availability impacts as indicated by the...
CVE-2024-21350
CVE-2024-21350 corresponds to a Remote Code Execution vulnerability in the Microsoft WDAC OLE DB provider for SQL Server. The entry lists a CVSS v3.1 base score of 8.8 (HIGH), with attack vector NETWORK, privileges required NONE, user interaction REQUIRED, and both confidentiality, integrity, and...
CVE-2024-21358
Technical details about CVE-2024-21358 (Microsoft WDAC OLE DB provider for SQL Server remote code execution) are not provided in the supplied documents. Monitor for official updates from Microsoft and trusted security advisories for affected products, mitigations, and fixes.
CVE-2021-43226
CVE-2021-43226 pertains to the Windows Common Log File System (CLFS) Driver. The available documents identify a local privilege-escalation vulnerability in CLFS that could allow a privileged attacker on a Windows host to gain higher privileges. The CVE is listed in the KEV catalog as a Microsoft ...